Amendments to the Claims 



The following Listing of Claims will replace all prior versions, and listings, of claims in 

the application. 

Listing of Claims 

1. (Currently amended) A method for virtualizing access to native resources, the method 
comprising the steps of : 

{a)-receiving a request to access a native resource from a process executing within a 
context of an isolation environment including an application isolation layer and a user isolation 
layer, the request including a virtual name for the native resource; 

{b)-determining that a rule action specifying e f-remap is associated with the virtual name 
included in the received request; 

{e)-forming a literal name for the native resource, the literal name identifying a literal 
native resource of the same type as the requested resource; and 

{d)-issuing to the operating system a request to access the native resource, the request 
including the determined literal name for the native resource. 

2. (Currently amended) The method of claim 1 wherein receiving a request to access a native 
resource step (a) comprises: receiving a request from a process executing in the context of an 
isolation environment to access a named system object, the request including a virtual name for 
the system object. 

3. (Currently amended) The method of claim 2 wherein forming a literal name further step (c) 
comprises: 

{e-4)-determining a rule associated with the virtual name included in the received request; 

and 

(c 2) using the determined rule to form a literal name for the system object that identifies 
a literal system object. 
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4. (Currently amended) The method of claim 1 wherein receiving a request to access a native 
resource step (a) comprises: receiving a request from a process executing in the context of an 
isolation environment to access a file system element, the request including a virtual name for 

the file system element. 

5. (Currently amended) The method of claim 4 wherein forming a literal name further step (c) 
comprises: 

{e-4)-determining a rule associated with the virtual name included in the received request; 

and 

(c 2) using the deteraiined rule to form a literal name for the file system element that 
identifies a literal file system element. 

6. (Currently amended) The method of claim 1 wherein receiving a request to access a native 
resource step (a) comprises: receiving a request from a process executing in the context of an 
isolation environment to access a registry key, the request including a virtual name for the 
registry key. 

7. (Currently amended) The method of claim 6 wherein forming a literal name further step-fe^ 
comprises: 

{e-4)-determining a rule associated with the virtual name included in the received request; 

and 

(c 2) using the determined rule to form a literal name for the registry key that identifies a 
literal registry key. 

8. (Currently amended) The method of claim 1 wherein receiving a request to access a native 
resource step (a) comprises: receiving a request from a process executing in the context of an 
isolation environment to access one of a window and a window class, the request including one 
of a virtual name for the window and a virtual name for the window class. 

9. (Currently amended) The method of claim 8 wherein forming a literal name further step (c) 
comprises: 
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{e-4)-detennining a rule associated with the virtual name included in the received request; 

and 

(c 2) using the deteimined rule to form a literal name for the one of a virtual name for the 
window and a virtual name for the window class that identifies one of a literal window name and 
a literal window class. 

10. (Currently amended) The method of claim 1 wherein forming a literal name further step (c) 
comprises: 

{e-4)-accessing a rules engine to determine a rule associated with the virtual name 
received in the request; and 

(c 2) forming a literal name for the native resource responsive to the determined rule, the 
formed literal name identifying a literal native resource of the same type as the requested 
resource. 

11. (Currently amended) The method of claim 1 further comprisingi the step of r eceiving a 
handle from the operating system identifying the accessed object. 

12. (Currently amended) The method of claim 1 1 further comprising; the step of transmitting the 
handle to the process. 

13. (Currently amended) The method of claim 1 wherein forming a literal name step (c) further 
comprises: determining, by the remap rule, the literal name of the native resource for the virtual 
name of the native resource. 

14. (Currently amended) A computer implemented apparatus provided by an operating system 
executing on a processor of a computer and virtualizing access to native resources, the apparatus 
comprising: 

a hooking mechanism receiving a request to access a native resource from a process 
executing in the context of an isolation environment including an application isolation layer and 
a user isolation layer, the request including a virtual name for the native resource; 
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a rules engine storing a rule action associated with the virtual name included in the 
received request, the rule action specifying remap; 

a name virtualization engine foiming a literal name for the native resource, the formed 
literal name identifying a literal native resource of the same type as the requested resource; and 

an interface of an operating system executing on a processor of a computer, the interface 
requesting access to the identified literal native resource. 

15. (Original) The apparatus of claim 14 wherein the hooking mechanism intercepts a request to 
open a native resource. 

16. (Original) The apparatus of claim 14 wherein the hooking mechanism intercepts a request to 
create a native resource. 

17. (Cancelled). 

18. (Currently amended) The apparatus of claim 14 j-?-wherein the rules engine comprises a 
database. 

19. (Currently amended) The apparatus of claim 14 j^wherein the rule engine stores a rule 
action comprises a rule to determine the literal name of the native resource from the virtual name 
of the native resource. 

20. (Original) The apparatus of claim 14 wherein the hooking mechanism comprises a file 
system filter driver. 

21. (Original) The apparatus of claim 14 wherein the hooking mechanism comprises a mini- 
filter. 

22. (Original) The apparatus of claim 14 wherein a native file system comprises the hooking 
mechanism. 
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